CVE-2023-54110

NONE EPSS 8.2%
Published Dec 24, 2025 6mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved:

usb: rndis_host: Secure rndis_query check against int overflow

Variables off and len typed as uint32 in rndis_query function are controlled by incoming RNDIS response message, thus their value may be manipulated. Setting off to an unexpectedly large value will cause the sum with len and 8 to overflow and pass the implemented validation step. Consequently the response pointer will be referring to a location past the expected buffer boundaries, allowing information leakage, e.g. via RNDIS_OID_802_3_PERMANENT_ADDRESS OID.

Threat Intelligence

EPSS Exploit Probability
8.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 8

  • git.kernel.org https://git.kernel.org/stable/c/02ffb4ecf0614c58e3d0e5bfbe99588c9ddc77c0
  • git.kernel.org https://git.kernel.org/stable/c/11cd4ec6359d90b13ffb8f85a9df8637f0cf8d95
  • git.kernel.org https://git.kernel.org/stable/c/232ef345e5d76e5542f430a29658a85dbef07f0b
  • git.kernel.org https://git.kernel.org/stable/c/39eadaf5611ddd064ad1c53da65c02d2b0fe22a4
  • git.kernel.org https://git.kernel.org/stable/c/55782f6d63a5a3dd3b84c1e0627738fc5b146b4e
  • git.kernel.org https://git.kernel.org/stable/c/a713602807f32afc04add331410c77ef790ef77a
  • git.kernel.org https://git.kernel.org/stable/c/c7dd13805f8b8fc1ce3b6d40f6aff47e66b72ad2
  • git.kernel.org https://git.kernel.org/stable/c/ebe6d2fcf7835f98cdbb1bd5e0414be20c321578

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.